Apple Releases Security Update 2011-003, Kills MacDefender Malware Dead

Mac|Life – All Articles
by J.R. Bookwalter

Well, here’s an unexpected wrinkle in the “MacDefender” malware saga: Apple just pushed out a small Snow Leopard security update to squash the malfeasant, which was widely expected to be addressed in a forthcoming Mac OS X 10.6.8 update.

Apple has been just full of surprises on Tuesday, with its WWDC 2011 keynote press release this morning confirming the existence of both iOS 5 and iCloud, then afternoon updates to the iOS iWork apps, introducing universal support for the iPhone and iPod touch. But the company isn’t quite done with the day, having just pushed out Security Update 2011-003.

So what is Security Update 2011-003? It’s a small (2.1MB) patch for Mac OS X Snow Leopard 10.6.7 users to address the recent “MacDefender” malware. Developers recently noted that a seed of Mac OS X 10.6.8 included a patch for MacDefender in its release notes, but it appears that Apple wanted to move quickly by squashing the nuisance now, rather than waiting for a larger OS X update.

MacDefender first came to light at the beginning of May, when it received unprecedented coverage from websites covering Apple. The malware first appeared on Google image searches, presenting itself as an antivirus installer. Thankfully, the nuisance was not widespread, and now Apple has moved to address the problem quickly.

The security update specifically addresses three MacDefender-related issues. The first adds an OSX.MacDefender.A definition to the malware check within File Quarantine, while the second provides for daily checks for updates to the File Quarantine malware definition list, which will deliver new definitions to squash future nuisances in the same vein as MacDefender.

The third and most important part of Security Update 2011-003 is the actual removal of the MacDefender malware, if detected. “The installation process for this update will search for and remove known variants of the MacDefender malware,” Apple’s support document explains. “If a known variant was detected and removed, the user will be notified via an alert after the update is installed.”

Users running Mac OS X 10.6.7 Snow Leopard are encouraged to run their Software Update (or download direct from Apple’s website) as soon as possible to install Security Update 2011-003; it’s a tiny patch and doesn’t even require a restart as many such updates do.


